MP4 streaming using Apache + WHM/cPanel

Streaming MP4 files with Apache + h264_streaming has never been easier. Setup your web server to stream MP4 files using Apache in just 3 minutes.

cd /usr/local/src
wget http://h264.code-shop.com/download/apache_mod_h264_streaming-2.2.7.tar.gz
cd mod_h264_streaming-2.2.7
./configure --with-apxs='which apxs'
make && make install

Non WHM/cPanel users
Should now add those two lines into httpd.conf:

LoadModule h264_streaming_module /usr/local/apache/modules/mod_h264_streaming.so
AddHandler h264-streaming.extensions .mp4

and simply restart Apache using:

service httpd restart

WHM/cPanel users
Should use Include Editor since any changes made to httpd.conf will be lost in case of rebuilding apache.
So login to WHM and go to Apache Configuration -> Include Editor -> Pre Main Include -> All Versions and in the box that appears copy/paste following two lines and after saving that confirm Apache restart.

LoadModule flvx_module modules/mod_flvx.so
AddHandler flv-stream .flv

Here are a few pictures for newbies so they can find their way trough more easily:

1. Apache Configuration
2. Include Editor
apache include editor whm cpanel

3. Locate PreMain Include – select All Versions
4. Copy/paste those two lines and press Update (then confirm Apache reload)
h264-streaming-module

That’s it!

FLV Streaming using Apache
To learn how to setup FLV streaming using Apache click here


DigitalOcean vs. Linode

I’ve seen numerous DigitalOcean vs Linode reviews but for some reason people always made these tests with the cheapest plans. For my review and my tests I’ve decided to use slightly bigger plans – with 8GB of RAM on both  – and see what comes up. Both plans are priced at $80/month (billed hourly). Before we go take a quick note on the terminology: a DigitalOcean VPS is called a “droplet” while Linode’s one is called a “linode” 🙂

Offer
DigitalOcean offers:
– 8GB or RAM
– 4 CPU cores
– 80GB of SSD disk space
– 5TB of bandwidth
– 1Gbps network connection

Linode offers:
– 8GB of RAM
6 CPU cores
192GB of SSD disk space
8TB of bandwidth
– 1Gbps network connection

So clearly Linode offers more for the same price: more than a double of disk space, 2 more CPU cores and more bandwidth. This is probably due the fact that they have released their offer after DigitalOcean so that’s some healthy competition right there.

Hardware
Before we start let’s talk a bit about hardware used by those two companies. DigitalOcean at Amsterdam NL (AMS-3) droplets use Intel Xeon E5-2630L v2 at 2.4 GHz. On the other hand a Linode at London shows Intel Xeon E5-2680 v2 at 2.80GHz. So Linode should have a slightly better processor and should get more processing power for the same amount of money. Other than processor, there isn’t a way to detect the type of memory or SSD drives used.

Note:
DigitalOcean at Netherland’s AMS-1 location “hides” their CPU model behind “QEMU Virtual CPU version 1.0” clocked at 2 GHz. So this is one more reason to choose AMS-3 over AMS-1.

Virtualization
DigitalOcean utilizes KVM virtualization while Linode uses Xen.

Control Panel
While DigitalOcean have a minimalist approach to their control panel it lacks some important functions: for example you can’t see how much bandwidth have you spent (not that they care since they do not charge if you go over the monthly limit), you can’t have more than one IP allocated to a single droplet, plan upgrades and downgrades can be really complex to do and time consuming creating a significant downtimes.
Linode is clearly more feature rich platform. They will provide you much better charts and more options. Their Control Panel is more geeky and their SSH in web console works much better and faster compared to one at DigitalOcean, you can buy and assign extra IPs to your linode, you will get an email if your linode is under high load and it can be even auto rebooted in case it hangs.

Aditional Services
DigitalOcean offers backups at the cost of +20% on the droplet monthly price. They also offer free DNS hosting and that’s about it. Linode offers backups (at the same price +20%) and free DNS hosting but beside that they also offer some interesting features like Monitoring, Load Balancing and Fully Managed Service (at $100/month per account for all liodes you have).

OS Choices
DigitalOcean offers CentOS, CoreOS, Debian, Fedora, Ubuntu as well as preinstalled applications (Ruby on Rails, WordPress, LAMP, LEMP, Django, MEAN, NodeJS, Ghost, GitLab, Docker, Drupal, Dokku, Magento, Redmine). Linode offers: Arch Linux, CentOS, Debian, Fedora, Gentoo, openSUSE, Slackware, Ubuntu but they also offer lot more settings when creating a new Linode (from partition setup to kernels).

Setup Time
DigitalOcean is clearly a winner: they will have your droplet created in 55 seconds and process is really easy. While the same thing on Linode takes few more minutes and is somewhere complicated: you first create a new linode and then deploy an OS while at DigitalOcean it’s done at once.

Geo Locations
At Linode you can deploy at United States (Dallas TX, Fremont CA, Atlanta GA and Newark NJ), United Kingdom (London) and Japan (Tokio) while Digital Ocean on the other hand offers droplets at United States (New York NY, and San Francisco CA), United Kingdom (London), Netherlands (Amsterdam) and Singapore. Linode has better offer of locations in US but they lack Netherlands as really important European location.

Uptime and Stability
I’ve been using DigitalOcean since Feb 2013 and I haven’t noticed any major downtime. In case of some works or scheduled maintenance they send on time emails and they really keep the downtime minimal. I’ve been using Linode for a few months and they also seem stable and reliable. So they are both stable and unlike many people claim that they would never host “mission critical” stuff on DigitalOcean for a reason, I’m doing exactly that since Feb 2013 without any problems. Even this site is hosted on DigitalOcean since then.

Support
In the start DigitalOcean support was really helpful bur recently the quality of their support is bit lower, but on the other hand they offer amazing amount of tutorials and really a helpful community. Linode is famous for their good support and I’ve also found really really helpful community on their IRC (almost like a unofficial live chat support).

Performance
Linode should have better performance than DigitalOcean because of the more powerful processor and more cores available. But is faster? Well, actually no! I’ve used ServerBear’s benchmarks  (one newly created CentOS 7 dorplet/linode) and here are the results I’ve got:

Linodes single core UnixBench score is 516.6 vs 1,235.7 for DigitalOcean. At a single core level a DigitalOcean is almost twice faster than Linode. This is really interesting and totally unexpected result!

But Linode has 6 cores and DigitalOcean has only 4 so it will be faster anyway, right? More cores means more power, right? WRONG!!!

Even though DigitalOcean has 50% less cores their total score is 50% better than Linode’s (2,154 compared to 3,356) meaning that every single DigitalOcean CPU core performs 100% faster than every single Linode’s core. And that’s another unexpected result! This is also very odd and might suggest that Linode is oversold or something but I’m really not sure.

If you don’t trust me take a look at the results your self:
Linode-8gb-unixbench

DigitalOcean-8GB-unixbench

What about IO performance? Who’s got faster SSDs? My results show that read performance is pretty close while write performance almost twice faster on Linode:

DigitalOcean:
Timing cached reads: 16442 MB in 2.00 seconds = 8233.03 MB/sec
Timing buffered disk reads: 1070 MB in 3.00 seconds = 356.62 MB/sec

Linode:
Timing cached reads: 18408 MB in 1.98 seconds = 9298.57 MB/sec
Timing buffered disk reads: 2142 MB in 3.00 seconds = 713.35 MB/sec

But, ServerBear tests show that Linode IO is way much faster:
DigitalOcean-IO-speed

Linode-IO-speed

Network speeds are pretty close so we can call them even.

Complete Benchmark Results
Click on a links below for complete benchmark results:
– DigitalOcean: http://serverbear.com/benchmark/2014/11/29/GCJgYYuCapGFxUfV
– Linode: http://serverbear.com/benchmark/2014/11/29/bffAscAzM9j8mZSl

Conclusion
Things aren’t always as they might seem. Even Linode has slightly better processor and twice more cores my benchmark results showed that it’s not faster than DigitalOcean. In fact it’s almost 50% slower. On the other hand Linode IO performance of is twice (or more) times better than IO performance of DigitalOcean.

My Recommendation
Even both are really good hosting providers and they give a lot for the money I couldn’t say one host is better than another. But here are some general guidelines I came up with that might help you decide:

  1. If you need simple and cheap VPS to play around – DigitalOcean
  2. If you need fast CPU or you are hosting CPU intense application – DigitalOcean
  3. If you need to deploy WordPress, Drupal, Redmine, LAMP or LEMP application – DigitalOcean
  4. If you plan on serving lots of static content – Linode
  5. If you need lots of disk space – Linode
  6. If you need lots of geeky (*nix) functions – Linode
  7. If you like minimalist (Apple) approach – DigitalOcean
  8. If you want it managed and don’t mind paying extra $100/month – Linode
  9. If you need more than one IP – Linode
  10. If you need lots of bandwidth – Linode gives more but DigitalOcean doesn’t charge for overage 😉
  11. If you need to scale up (or down) your plan easily – Linode

In the end – whichever you pick – you’ll be happy with it since they are both really good virtual hosting providers. Compared to regular (non SSD powered) VPS hosts they are both really fast.

Tags: digitalocean speed test android, linode add disk space

How to disable xmlrpc.php?

While monitoring my system I have notices increased number of requests to xmlrpc.php. Every single of those requests took 200MB to 205MB of ram and resulted in system instability and in few occasions it caused my 8GB Digital Ocean Droplet to go out of memory and eventually crashed leaving all my sites not working for some 10hours or so.

Recently I’ve read that many hackers now use xmlrpc.php instead of wp-login.php to execute their brute force attacks. And the problem is – since WordPress 3.5 you can’t disable the use of xmlrpc, at least not from the WordPress control panel.

There are many ways to do that and I’ll write some:

1. Deleting xmlrpc.php file
This is really not recommended. Also after WordPress (auto)update the deleted file will be replaced so it’s not really smart to do this, but I just wanted to write this just in case someone doesn’t try to do this.

2. Plugins
There are several plugins that can do this. I found these two to be the most used ones: Disable XML-RPC and  XML-RPC Pinkback. Both plugins are really basic (only couple lines of code) but they should be able to help you out and protect your blog against those attacks.

3. Adding filter to theme functions.php file
This is basically same thing as the plugin above, but you have one plugin less. All you need to do is to edit your theme’s functions.php and add these couple of lines:

function remove_x_pingback($headers) {
    unset($headers['X-Pingback']);
    return $headers;
}
add_filter('wp_headers', 'remove_x_pingback');
add_filter('xmlrpc_enabled', '__return_false');

4. Block access at .htaccess
You can simply add this one line of code to your .htaccess file and block the access to the xmlrpc.php file entirely. User accessing the xmlrpc.php will get the 403 Forbidden error.

<Files xmlrpc.php>
Order Deny,Allow
Deny from all
</Files>

5. Blocking access in nginx
If you are running nginx instead of Apache you should add this code to your nginx configuration:

server {
    location = /xmlrpc.php {
        deny all;
    }
}

6. Block on entire server
If you have one server or VPS with tens of hundreds of WordPress installations (like me) any of the solutions above will take time to implement. So the best thing to do is to block access to xmlrpc.php file on Apache level, simply by adding this to httpd.conf file:

<FilesMatch "^(xmlrpc\.php)">
Order Deny,Allow
Deny from all
</FilesMatch>

Or even better adding this code (that also blocks wp-trackback.php and also prevent’s trackback hacking attempts).

<FilesMatch "^(xmlrpc\.php|wp-trackback\.php)">
Order Deny,Allow
Deny from all
</FilesMatch>

If you don’t use XML-RPC than you can safely disable it using any of the methods above (except the first one, of-course) and protect your blog against xmlrpc hacks.


How to install Munin monitoring on cPanel/WHM

Many people like to have some monitoring tool with lots of charts so they can track better how their server is performing. One of the best known tools for this is Munin: a free (open source) networked resource monitoring tool. Installation on WHM powered hosting is somewhat easy:

Munin

 

Continue Reading

Tags: Can I use munin and csf on WHM cpanel, how to recover the private part code of samsungz2, munin whm, where didi u find private folder on samsungZ2

RESTRICT_SYSLOG is disabled error at CSF

Few days ago I noticed the following error at CSF:
WARNING: RESTRICT_SYSLOG is disabled. See SECURITY WARNING in Firewall Configuration

CSF-Restrict-syslog-is-disabled

Here is easy solution how to solve this:

1. Login to WHM
2. Home > Plugins> ConfigServer Security & Firewall > Firewall Configuration
3. Set RESTRICT_SYSLOG to 3 (which is the default value), save and restart CSF

Thats it!


How to stop Wget Cron jobs creating log files in home directory?

If you’re using /usr/bin/wget to run your Cronjobs you might notice that every time that cron runs – wget will also creates a log file and will places in your home directory. If you run cron too often (every few minutes) it can add up very quickly and pretty soon you’ll end up with thousands of useless (junk) log files in your home directory. Also your disk space could get consumed especially if you’re on shared hosting or have limited amounts of disk space available. We don’t want anything of that.

Solution is pretty simple actually. All you need to do is add an extra parameter -O /dev/null

So your wget command would look something like this:

/us/bin/wget -O /dev/null http://www.script.com/script.php

This will tell to save output to /dev/null – meaning not to save it at all..
It’s as simple as that. Let me know in comments if this worked out!

Tags: Tips n Tricks !!: September 2014

How to fix Openssl Heartbleed vulnerability

What’s Heartbleed vulnerability (CVE-2014-0160)?
A serious OpenSSL vulnerability has been found, and is named Heartbleed and it affected all servers running OpenSSL versions from 1.0.01 to 1.0.1f. This vulnerability can be used to get the Private key of a SSL connection, so it is important to update / patch your server immediately. This bug is fixed in OpenSSL version 1.0.1g. All major Linux Distros have already released updates for Hartbleed vulnerability.

How to find out if your server is affected from Openssl Heartbleed vulnerability (CVE-2014-0160)?
Login to your SSH and execute following command to get the installed version number of OpenSSL:

openssl version

The result should be something like this:

openssl version
OpenSSL 1.0.1e 11 Feb 2013

If the version is below 1.0.1g your server might be vulnerable and you should patch it (see how below).
If your server is using a 0.9.8 release like it is used on Debian squeeze, then the server is not vulnerable as the HeartBleed function has been implemented in OpenSSL 1.0.1 and later versions only.

openssl version
OpenSSL 0.9.8o 01 Jun 2010

Fixing the Heartbleed vulnerability
CentOS and Fedora:

yum update

Ubuntu and Debian:

apt-get update
apt-get upgrade

OpenSUSE:

zypper update

Ok, now what?
After this you should restart all the services using OpenSSL but better idea is to restart the whole server just in case.

You can also verify on following site if you successfully closed the Heartbleed security hole on your server: http://filippo.io/Heartbleed/


How to install htop

htop is an interactive process viewer for Linux, which is a powerful alternative to top utility.

Main features of htop:
– Supports mouse interactions
– Better sorting and selective display
– Color formatted display
– Resource graphs
– Process treeview
– Installing htop

To install htop to Redhat or CentOS Linux easily via the yum package manager. However sometimes it happens that yum repository doesn’t have that package, so the rpmforge package repository must be installed first. To install, retrieve, and install the following RPM for your architecture (32bit or 64bit).

32-BIT

wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.i386.rpm
rpm -Uhv rpmforge-release*.rf.i386.rpm

64-BIT

wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm
rpm -Uhv rpmforge-release*.rf.x86_64.rpm

Now that the rpmforge repository is installed, you can install the htop package easily via yum.

yum install htop

How to setup your own Cloud

Problems:
– Have you ever wondered how to setup your own private Cloud service?
– Is there any (preferably self hosted) alternative to DropBox, Google Drive, SkyDrive… ?
– Services like Dropbox and Google Drive are really good but they can cost you money if you need more space.
– You have tried all the alternatives to Dropbox and Google Drive but you need something different?
– Do you really need all the futures they provide?
– Do you need more features (like syncing calendars, tasks, contacts and music)?
– Do you want to be able to install pre-made or develop your own plugins for your cloud?
– Can we really trust companies like Google or Dropbox them with our data?
– Are you a small company or start-up and you can’t afford a $795/year for Dropbox team service?
– You also need iPhone and Android application so you can access your files on your phone?
– You also want a Windows, Mac or Linux Desktop application and Web access?
– You want to host that could on your company server or inhouse? And you want it on a sub-domain like cloud.yourcompany.com?
– And you want it free or really cheap?

Not a problem! We got you covered with all that!!!

The Solution
The solution to problems listed (and un-listed) above is really simple. All you need is to install ownCloud on your server/hosting. This software is a PHP/MySQL powered so it will work on just about any Linux server and is released under AGPL license.

Getting Hosting
In case you have hosting (shared/vps/cloud/dedicated) you can skip this paragraph.
If you don’t have one – you can get it pretty cheap these days and my advice is to go with DigitalOcean. They will provide you with great entry level VPS (512MB of DDR3 RAM, 1 Intel Xeon 2GHz Core, 20GB od SSD hard disk space and 1TB of bandwidth) for just $5. Did I mention it’s SSD powered – so it’s blazing fast! Plus you can deploy your VPS in US or NL and you can add backups for 20% (in this case for $1 extra a month). New VPS is provisioned in 60 seconds and you pay per hour of use (not monthly). So you’re invited to play bit with different linux distributions, geo-locations and sizes etc.. and to fully test it out before you put it in production use.

Detailed installation instructions for Digital Ocean can be found in here and if you need any help in setting it up – feel free to contact me.

Installing OwnCloud on shard hosting
The installation process is easy and it’s similar to installing just about any PHP/MySQL script (like WordPress for eg.).
Here’s step by step guide:
1. Download the web installer from this url: https://download.owncloud.com/download/community/setup-owncloud.php
2. Upload setup-owncloud.php to your web space
3. Point your web browser to setup-owncloud.php on your webspace
4. Follow the instructions and configure ownCloud
5. Login to your newly created ownCloud instance!
In case you need any help with the setup feel free to contact me

Downloading Desktop Client
There are Desktop Sync Applications already developed for Windows, Linux and Mac OS. All you need to do is to download them and install them.

iOS and Android Applications
You can get them from Apple Store or from Google Play. They are not free but are really cheap and cost only $0.99 to install. Here’s a nice YouTube tutorial of Android Application:

Feature list of ownCloud
– Access, Share and Sync your data
– Tasks, Contacts, Calendar, Galleries and Music
– Public API
– Templates
– SSL Encryption
– Powerful Search
– File Versioning
– File Un-Delete
– Download whole folders as ZIP archives
– LDAP Active Directory
– User Management
– User Quotes and Groups
– Internal Messages (free 3rd party app)
– External Storage (access data from AmazonS3, GoogleDocs, DropBox, FTP…)
– PDF viewer in browser (no plugins required)
– ODF Document Viewer (file formats: .odt, .odp, .ods)
– Image Viewer and Media Player (free 3rd party app)
– Text Editor (PHP editor with syntax highlighting)
– Translated into many laguages
– Migration and backup of accounts
– Application store (so you can expand your cloud with extra plugins)
– If you are HUGE company or organisation you should check Enterprise Edition at ownCloud.com

ownCloud Demo
To try out the ownCloud software you can check official ownCloud demo

Conclusion
OwnCloud is really interesting, feature rich cloud platform that enables you to share your data between users and various devices. It can be useful for both individuals and companies/organizations. If you have a need for your own cloud solution or you are looking for alternative to Dropbox, Google Drive or SkyDrive – you should give it a try!


How to disable directory browsing globally on whole WHM/cPanel server

To disable directory browsing/listing on whole server, follow these simple instructions:

1. Log into WHM
2. Service Configuration –> Apache Configuration
3. Global Configuration
4. Scroll down to Directory ‘/’ Options
5. Un-tick Indexes option (see picture)
6. Then press Save button below
7. Finally, rebuild by clicking rebuild apache conf button and that’s it…

How to disable directory browsing globally on whole WHM-cPanel server

 

Tags: disable bdirectory browsing cpanel